|
Knowing what IP address is used on the FortiGate is crucial for troubleshooting and configuration purposes in many use cases. Especially if SNAT is required, configuring the wrong IP address on SNAT can cause network failure.
To verify all IP addresses used on the FortiGate, static or dynamically assigned (including IPsec tunnel, internal and public IP addresses), the following command can be used:
diagnose ip address list
The command above provides information related to:
- IP address and subnet mask.
- interface index number ("index" which is useful to check the default IP used for self-originated traffic).
- interface name and its alias ('devname').
Sample output:
diagnose ip address list
IP=10.31.101.100->10.31.101.100/255.255.255.0 index=3 devname=internal
IP=172.20.120.122->172.20.120.122/255.255.255.0 index=5 devname=wan1
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=8 devname=root
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=11 devname=vsys_ha
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=13 devname=vsys_fgfm
Note:
vsys_ha and vsys_fgfm, the IP addresses are the local host, which are virtual interfaces that are used internally.
|
